Linux kernel versions 2.6.22 and below 3.9 Dirty COW PTRACE_POKEDATA race condition privilege escalation exploit that provides write access.
75ff539a8a24a8be021952f9fe3ce91740ceffe0c4f3d8a757f41198c7d94fc2
Whitepaper called I Know Where Your Page Lives - De-randomizing the latest Windows 10 Kernel.
683a071d37a56a2fccbb483b76b20b2b2c3e364a8cdec6059ec637a605271496
WordPress Olimometer plugin versions 2.56 and below suffer from a remote SQL injection vulnerability.
64dc1c8e935eacce15fa05b952bd929c777edb6835c53201bf419408ead4cc03
RedTeam Pentesting discovered behavior in the Less.js compiler, which allows execution of arbitrary code if an untrusted LESS file is compiled.
f903fc3389d263eceac3b7b2bbfa6a60d22496d0fa2b4102b24b08fb703421b5
NTP version 4.2.8p3 suffers from a denial of service vulnerability.
370cb180ff042cb4c142a87b29b8ed08718b361d3bef39c1a56df300a9cc1afc
Osticket versions 1.9.14 and below X-Forwarded-For stored cross site scripting exploit.
b66c370fc7160510f1cbf0686a458267815c6fa6241fc5b5c7ce5afeefd4eb0c
Koken versions 0.22.7 and 0.22.11 suffer from multiple cross site scripting vulnerabilities.
9fe51081577a7f4582734f5ebf704d8cee00e997d6879736d50ed304ecb185c4
A specially crafted web-page can cause a type confusion in HTML layout in Microsoft Internet Explorer 11. An attacker might be able to exploit this issue to execute arbitrary code.
3740764f86f5d2fd2f3b6f223477002163bbc951712e7b3c6a6dffc53f30b30b
A specially crafted web-page can cause Microsoft Internet Explorer 10 to continue to use an object after freeing the memory used to store the object. An attacker might be able to exploit this issue to execute arbitrary code.
280f6bbd3b893f6ed43cb5145b66686fa4ee9ba2175cea9921b79d70736f92c8
This is an interesting analysis that goes over reverse engineering access to the HS-110 Smart Plug and how secrets are insecurely transferred.
fc4df8ad617d0757d76efea3391bb696f2330339c701752e37a9f6548c9c2e38
Linux ntpd 4.2.8 derive_nonce remote stack overflow proof of concept exploit.
b644936d55c89c9d1095c1dad6cbce1fa3aca1cbfa564eea9887ba3b31074317
A full analysis and proof of concept 0-day exploits for a heap corruption vulnerability in the gstreamer decoder.
b3a3dfb6b4b156d010d88b6ada470f62c2eeef56abcf655a4cb2263086fc11ec